Page 108 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 108

Focused on Assets This method uses asset valuation results and
               attempts to identify threats to the valuable assets. For example, a

               specific asset can be evaluated to determine if it is susceptible to an
               attack. If the asset hosts data, access controls can be evaluated to
               identify threats that can bypass authentication or authorization
               mechanisms.

               Focused on Attackers Some organizations are able to identify
               potential attackers and can identify the threats they represent based

               on the attacker’s goals. For example, a government is often able to
               identify potential attackers and recognize what the attackers want to
               achieve. They can then use this knowledge to identify and protect their
               relevant assets. A challenge with this approach is that new attackers
               can appear that weren’t previously considered a threat.

               Focused on Software If an organization develops software, it can
               consider potential threats against the software. Although

               organizations didn’t commonly develop their own software years ago,
               it’s common to do so today. Specifically, most organizations have a
               web presence, and many create their own web pages. Fancy web pages
               drive more traffic, but they also require more sophisticated
               programming and present additional threats.

               If the threat is identified as an attacker (as opposed to a natural
               threat), threat modeling attempts to identify what the attacker may be

               trying to accomplish. Some attackers may want to disable a system,
               whereas other attackers may want to steal data. Once such threats are
               identified, they are categorized based on their goals or motivations.
               Additionally, it’s common to pair threats with vulnerabilities to
               identify threats that can exploit vulnerabilities and represent
               significant risks to the organization. An ultimate goal of threat
               modeling is to prioritize the potential threats against an organization’s

               valuable assets.

               When attempting to inventory and categorize threats, it is often
               helpful to use a guide or reference. Microsoft developed a threat
               categorization scheme known as the STRIDE threat model. STRIDE is
               often used in relation to assessing threats against applications or
               operating systems. However, it can also be used in other contexts as
   103   104   105   106   107   108   109   110   111   112   113